The manufacturer of ATMs shut down its cloud services to prevent additional exposure of private customer data.
A crypto breach is said to have cost General Bytes, a manufacturer of bitcoin ATMs, BTC valued roughly $1.5 million. During March 17 and 18, the business reported a security problem that permitted unauthorized access to user data that was compromised.
The attacker reportedly acquired remote access to the complete database, API keys, hot wallets, user names, and passwords, according to the press statement. As a result, the attacker may disable two-factor authentication and get access to terminal event logs that might have contained information on users who may have scanned their private keys at any Bitcoin ATM. The hacker was able to transfer tokens into other wallet addresses thanks to the hacked hot wallets. The cloud services of General Bytes were also hacked.
The manufacturer of the Bitcoin ATM published the 41 wallet addresses used in the breach after it happened. A wallet address got 56 Bitcoin, or around $1.5 million, at one time. A second wallet account also got around 21.82 ETH, or more than $39,000 at the time of writing.
The ATM manufacturer shut down its cloud services after the security issue to prevent future vulnerability of private user data. A security warning was also distributed by the corporation to all managers and users of its ATMs across the world. Instructions on how operators should verify breaches on their systems and how to correct the breaches were given in the warning.
The Bitcoin creator released two security fixes for the Crypto Application Server and once more recommended BTC ATM operators to install it (CAS).
The company has also offered an open invitation to several security companies to re-audit its systems. The company stated that since 2021, it has finished many security examinations. They all failed to recognize this weakness, it stated.
The company thinks that having numerous audits conducted by different parties may prevent future occurrences of these kinds of problems. Any interested security companies will need to spend a short amount of time at the headquarters in Prague to examine the ATMs in person.
Although private keys and smart contracts may be the most popular targets for cryptocurrency attacks, they are not the only dangers. The cryptocurrency breach serves as a reminder of how crucial it is to have a thorough security strategy for the blockchain ecosystem. Attacks at all blockchain endpoints and ecosystem levels will be addressed by such a strategy.